package com.lg.atp.sercurity;


import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.access.SecurityConfig;
import org.springframework.security.web.FilterInvocation;
import org.springframework.security.web.access.intercept.FilterInvocationSecurityMetadataSource;
import org.springframework.stereotype.Component;
import org.springframework.util.AntPathMatcher;
import org.springframework.util.PathMatcher;

import com.lg.atp.common.Constants;
import com.lg.atp.entity.TblMenuButtonInfo;
import com.lg.atp.service.IMenuService;
	 
	 
@Component("mySecurityMetadataSource")
public class MySecurityMetadataSource implements FilterInvocationSecurityMetadataSource {
		
	private String[] passedUrls = {"/layui/**","/jsTree/**","/","/css/**","/images/**","/js/**","/wsServices/**"};
		
	private static Map<String, Collection<ConfigAttribute>> resourceMap = null;
	 
		
	@Autowired
	private IMenuService iMenuService;
		
	public Collection<ConfigAttribute> getAllConfigAttributes() {
			return null;
	}
	 
	public boolean supports(Class<?> clazz) {
			return true;
	}
	 
	private void loadResourceDefine() {
		 
			if (resourceMap == null ||resourceMap.isEmpty()) {
				loadResource();
			}
	}
	 
		
		
	public void reLoadResourceDefine(){
		loadResource();
	}	
	
	
	public void clearResourceDefine(){
		resourceMap.clear();
	}
	
	private void loadResource(){

		resourceMap = new HashMap<String, Collection<ConfigAttribute>>();
     	/**
     	 * 获取url权限在这里
     	 */
		List<TblMenuButtonInfo> resources = iMenuService.getMenusWithRole();
		if(resources != null && !resources.isEmpty()){
			for (TblMenuButtonInfo resource : resources) {
				if (resource != null) {
					Collection<ConfigAttribute> configAttributes = resource.getRoleAuthorities();
					String resourceUrl = resource.getMenuButtonUrl();
					if(StringUtils.isNotBlank(resourceUrl))
					resourceMap.put(resourceUrl, configAttributes);
				}
		  }
		}
     	//登录，修改密码的URL的权限
     	Collection<ConfigAttribute> configAttributes = new ArrayList<ConfigAttribute>();
     	configAttributes.add(new SecurityConfig(Constants.DEFAULT_ROLE));

	}
		
	// 返回所请求资源所需要的权限
	@SuppressWarnings("rawtypes")
	@Override
	public Collection<ConfigAttribute> getAttributes(Object object)
			throws IllegalArgumentException {
	 
			String requestUrl = ((FilterInvocation) object).getRequestUrl();
			PathMatcher matcher = new AntPathMatcher();  
			//静态资源直接返回
			for(String url:passedUrls){
				if(matcher.match(url, requestUrl)){
					return null;
				}
			}
	
			if (resourceMap == null||resourceMap.isEmpty()) {
				loadResourceDefine();
			}
			
			
			if (requestUrl.indexOf("?") > -1) {
				requestUrl = requestUrl.substring(0, requestUrl.indexOf("?"));
			}
			
			//如果请求URL为菜单或者其对应的子目录，则返回当前权限集合，否则只需要限制修改密码的路径
			Collection<ConfigAttribute> configAttributes =  new ArrayList<ConfigAttribute>();
			
			for (Iterator iter = resourceMap.entrySet().iterator(); iter.hasNext();) {
				Map.Entry entry = (Map.Entry) iter.next();
				String url = (String) entry.getKey();
				if(StringUtils.isNotBlank(url)&&requestUrl.equals(url)){
					configAttributes = resourceMap.get(url);
					break;
				}
			}
			return configAttributes;
	}
	
	 
}
